Can't connect to push server: cURL error 7

Hi everyone,
I came here to find help because I just spent two days debugging a Nextcloud installation. First of all, I want to say that I am a Docker novice and visually impaired, which does not help, but I manage. :slight_smile:

On the advice of @wwe I followed his (excellent) tutorial to install NC with Docker. The machine is a dedicated server under Ubuntu 22.04 LTS and I have a domain name that points to it.

To keep it simple, everything goes well until the manual installation of notify_push. There are three OCC commands to run to install and activate it. Until then everything is OK, but the last command gives me an error message and it is impossible to go further.

root@cassiopea:~/nc-docker # docker compose exec app sh -c 'php occ notify_push:setup https://${OVERWRITEHOST}/push'
✓ redis is configured
🗴 can't connect to push server: cURL error 7: Failed to connect to mydomain.net port 443 after 0 ms: Couldn't connect to server (see ht.se/libcurl/c/libcurl-errors.html) for https://mydomain.net/push/test/cookie

All containers are up

root@cassiopea:~/nc-docker # docker ps -a
CONTAINER ID   IMAGE                            COMMAND                  CREATED          STATUS                    PORTS      NAMES
d031ed2ce714   nextcloud:28                     "/var/www/html/custo…"   26 minutes ago   Up 24 minutes             80/tcp     c4rter-notify_push-1
986383087eac   nextcloud:28                     "/cron.sh"               26 minutes ago   Up 26 minutes             80/tcp     c4rter-cron-1
87063b7a46a5   nextcloud/aio-imaginary:latest   "/start.sh"              26 minutes ago   Up 26 minutes (healthy)   9000/tcp   c4rter-imaginary-1
180d99ddbd2b   nextcloud:28                     "/entrypoint.sh apac…"   26 minutes ago   Up 26 minutes             80/tcp     c4rter-app-1
7469b18a388d   redis:bookworm                   "docker-entrypoint.s…"   26 minutes ago   Up 26 minutes (healthy)   6379/tcp   c4rter-redis-1
f06951ec3969   postgres:15                      "docker-entrypoint.s…"   26 minutes ago   Up 26 minutes (healthy)   5432/tcp   c4rter-db-1

Can you help, please? Thanks a lot
Cu+
C4rter

@C4RT-ER can you share the logs of the c4rter-notify_push-1 container?

Please avoid double postings!

Hello @Marcus1Pierce

Thank you for joining the discussion. I would like to give you some details, but the notify-push logs do not say anything! This is surprising, because all the other containers are loquacious but not notify-push. But by turning the containers off and on:

cron-1         | Adding user `cron' ...
cron-1         | Adding new group `cron' (1004) ...
cron-1         | Adding new user `cron' (1004) with group `cron (1004)' ...
cron-1         | Not creating home directory `/home/cron'.
cron-1         | Adding new user `cron' to supplemental / extra groups `users' ...
cron-1         | Adding user `cron' to group `users' ...
cron-1         | crond: crond (busybox 1.35.0) started, log level 8
redis-1        | 1:C 18 Apr 2024 07:56:52.009 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
redis-1        | 1:C 18 Apr 2024 07:56:52.009 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
redis-1        | 1:C 18 Apr 2024 07:56:52.009 * Redis version=7.2.4, bits=64, commit=00000000, modified=0, pid=1, just started
redis-1        | 1:C 18 Apr 2024 07:56:52.009 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
redis-1        | 1:M 18 Apr 2024 07:56:52.010 * monotonic clock: POSIX clock_gettime
redis-1        | 1:M 18 Apr 2024 07:56:52.011 * Running mode=standalone, port=6379.
redis-1        | 1:M 18 Apr 2024 07:56:52.012 * Server initialized
redis-1        | 1:M 18 Apr 2024 07:56:52.013 * Ready to accept connections tcp
db-1           | chmod: changing permissions of '/var/run/postgresql': Operation not permitted
db-1           |
db-1           | PostgreSQL Database directory appears to contain a database; Skipping initialization
db-1           |
db-1           | 2024-04-18 07:56:52.048 UTC [1] LOG:  starting PostgreSQL 15.6 (Debian 15.6-1.pgdg120+2) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
db-1           | 2024-04-18 07:56:52.048 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
db-1           | 2024-04-18 07:56:52.048 UTC [1] LOG:  listening on IPv6 address "::", port 5432
db-1           | 2024-04-18 07:56:52.059 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db-1           | 2024-04-18 07:56:52.075 UTC [17] LOG:  database system was shut down at 2024-04-18 07:56:30 UTC
db-1           | 2024-04-18 07:56:52.091 UTC [1] LOG:  database system is ready to accept connections
app-1          | Configuring Redis as session handler
app-1          | => Searching for scripts (*.sh) to run, located in the folder: /docker-entrypoint-hooks.d/before-starting
app-1          | AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.0.4. Set the 'ServerName' directive globally to suppress this message
app-1          | AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.20.0.4. Set the 'ServerName' directive globally to suppress this message
app-1          | [Thu Apr 18 07:57:23.174402 2024] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.57 (Debian) PHP/8.2.18 configured -- resuming normal operations
app-1          | [Thu Apr 18 07:57:23.174441 2024] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
app-1          | 172.20.0.5 - - [18/Apr/2024:07:57:23 +0000] "GET /index.php/apps/notify_push/test/version HTTP/1.1" 200 1506 "-" "-"
imaginary-1    | Imaginary has started
cron-1         | crond: can't change directory to '/home/cron'
cron-1         | crond: USER cron pid  34 cmd php -f /var/www/html/cron.php
db-1           | 2024-04-18 08:01:52.171 UTC [15] LOG:  checkpoint starting: time
db-1           | 2024-04-18 08:01:53.511 UTC [15] LOG:  checkpoint complete: wrote 16 buffers (0.1%); 0 WAL file(s) added, 0 removed, 0 recycled; write=1.312 s, sync=0.009 s, total=1.340 s; sync files=12, longest=0.004 s, average=0.001 s; distance=94 kB, estimate=94 kB
cron-1         | crond: can't change directory to '/home/cron'
cron-1         | crond: USER cron pid  35 cmd php -f /var/www/html/cron.php
db-1           | 2024-04-18 08:06:52.561 UTC [15] LOG:  checkpoint starting: time
db-1           | 2024-04-18 08:06:54.200 UTC [15] LOG:  checkpoint complete: wrote 17 buffers (0.1%); 0 WAL file(s) added, 0 removed, 0 recycled; write=1.610 s, sync=0.007 s, total=1.640 s; sync files=12, longest=0.004 s, average=0.001 s; distance=115 kB, estimate=115 kB
cron-1         | crond: can't change directory to '/home/cron'
cron-1         | crond: USER cron pid  36 cmd php -f /var/www/html/cron.php
db-1           | 2024-04-18 08:11:52.237 UTC [15] LOG:  checkpoint starting: time
db-1           | 2024-04-18 08:11:53.873 UTC [15] LOG:  checkpoint complete: wrote 17 buffers (0.1%); 0 WAL file(s) added, 0 removed, 0 recycled; write=1.610 s, sync=0.007 s, total=1.637 s; sync files=12, longest=0.004 s, average=0.001 s; distance=100 kB, estimate=113 kB

@C4RT-ER Can I see your docker-compose file with the password deleted? And if you run curl https://mydomain.net/push/test/cookie on your host system, what is the result?

Of course!

services:
  app:
    image: nextcloud:${NEXTCLOUD_VERSION}
    user: ${UID}:${GID}
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_healthy
    env_file:
      - ./nextcloud.env
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user
      - nextcloud_admin_user
      - nextcloud_admin_password
        #- /media/nextcloud:/var/www/html/data
    volumes:
      - ./nextcloud:/var/www/html
      - ./apps:/var/www/html/custom_apps
      - ./data:/var/www/html/data
      - ./config:/var/www/html/config
      # https://github.com/nextcloud/docker/issues/182
      - ./redis-session.ini:/usr/local/etc/php/conf.d/redis-session.ini
      - ./remoteip.conf:/etc/apache2/conf-available/remoteip.conf:ro
    restart: unless-stopped
    labels:
      - traefik.enable=true
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.entrypoints=web-secure
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.priority=1             # for notify_push
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.rule=Host(`${DOMAIN}`) # Nextcloud public FQDN
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.tls=true
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.tls.certresolver=letsencryptresolver
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.middlewares=secHeaders3@file,nextcloud-redirect@file
      - traefik.http.services.${COMPOSE_PROJECT_NAME}.loadbalancer.server.port=80

    networks:
      proxy:
        aliases:
          - blackcat-studio.net
      default:

  notify_push:
    image: nextcloud:${NEXTCLOUD_VERSION}
    restart: unless-stopped
    user: ${UID}:${GID}
    depends_on:
      - app
    environment:
      - PORT=7867
      - NEXTCLOUD_URL=http://app        # don't go through the proxy to contact the nextcloud server
    entrypoint: /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php
    volumes:
      - ./apps:/var/www/html/custom_apps
      - ./config:/var/www/html/config
    labels:
      - traefik.enable=true
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.entryPoints=web-secure
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.priority=2
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.middlewares=nextcloud_strip_push
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.tls.certresolver=letsencryptresolver
      # necessary for the notify_push app to work:
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.rule=Host(`${DOMAIN}`) && PathPrefix(`/push`)
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}_notify_push.middlewares=nextcloud_striprefix_push@file
      - traefik.http.services.${COMPOSE_PROJECT_NAME}_notify_push.loadbalancer.server.port=7867
    networks:
      - proxy
      - default

  cron:
    image: nextcloud:${NEXTCLOUD_VERSION}
    restart: unless-stopped
    # special UID handling https://github.com/nextcloud/docker/issues/1740
    environment:
      - UID=${UID}
    depends_on:
      - app
    env_file:
      - ./nextcloud.env
    volumes:
      - ./nextcloud:/var/www/html
      - ./apps:/var/www/html/custom_apps
      - ./data:/var/www/html/data
      - ./config:/var/www/html/config
      - ./cron.sh:/cron.sh
    entrypoint: /cron.sh

  db:
    # https://hub.docker.com/_/postgres
    image: postgres:15
    restart: unless-stopped
    user: ${UID}:${GID}
    volumes:
      - ./db:/var/lib/postgresql/data
      - /etc/passwd:/etc/passwd:ro
    environment:
      - POSTGRES_DB_FILE=/run/secrets/postgres_db
      - POSTGRES_USER_FILE=/run/secrets/postgres_user
      - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d `cat $$POSTGRES_DB_FILE` -U `cat $$POSTGRES_USER_FILE`"]
      start_period: 15s
      interval: 30s
      retries: 3
      timeout: 5s
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user

  redis:
    image: redis:bookworm
    restart: unless-stopped
    # doesn't work so far :(
          #user: ${UID}:${GID}
    healthcheck:
      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
      start_period: 10s
      interval: 30s
      retries: 3
      timeout: 3s

  imaginary:
    image: nextcloud/aio-imaginary:latest
    restart: unless-stopped
    user: ${UID}:${GID}
    expose:
      - "9000"
    depends_on:
      - app
    #environment:
    #  - TZ=${TIMEZONE} # e.g. Europe/Berlin
    cap_add:
      - SYS_NICE
    tmpfs:
      - /tmp
networks:
  proxy:
    external: true

secrets:
  nextcloud_admin_password:
    file: ./secrets/nextcloud_admin_password # put admin password in this file
  nextcloud_admin_user:
    file: ./secrets/nextcloud_admin_user     # put admin username in this file
  postgres_db:
    file: ./secrets/postgres_db              # put postgresql db name in this file
  postgres_password:
    file: ./secrets/postgres_password        # put postgresql password in this file
  postgres_user:
    file: ./secrets/postgres_user            # put postgresql username in this file

As explained to @wwe, I made a PAT on my router: ports 80 & 443 forward to the internal IP of my dedicated server. But when I run the curl command you asked for, I get this result:

root@cassiopea:~/nc-docker # curl https://blackcat-studio.net/push/test/cookie
curl: (7) Failed to connect to blackcat-studio.net port 443 after 18 ms: Connection refused

Looks like your server can’t be accessed even from your host. Can you check the open ports on your host? You can run:

sudo apt install lsof
sudo lsof -i -P -n | grep LISTEN
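
A complement to the `lsof` check suggested above, as an added example that is not part of any post in the thread: in `docker ps` output a PORTS entry such as `80/tcp` is only exposed inside Docker networks, while a port published on the host reads `0.0.0.0:443->443/tcp`. The script parses that column to list which containers publish a given host port; the `proxy-1` line and the function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: which containers publish a given host port?
# Live use: docker ps --format '{{.Names}}\t{{.Ports}}' | publishers_of 443

# Reads "<name><TAB><ports>" lines on stdin and prints the names of
# containers that map host port $1. "80/tcp" is only exposed inside Docker
# networks; a published port looks like "0.0.0.0:443->443/tcp".
publishers_of() {
  awk -F'\t' -v p="$1" '
    {
      n = split($2, maps, ", *")
      for (i = 1; i <= n; i++) {
        if (maps[i] !~ /->/) continue        # exposed only, not published
        host = maps[i]
        sub(/->.*/, "", host)                # "0.0.0.0:443"
        sub(/.*:/, "", host)                 # "443" (also from ":::443")
        lo = host; hi = host
        if (host ~ /-/) { split(host, r, "-"); lo = r[1]; hi = r[2] }  # range
        if (p + 0 >= lo + 0 && p + 0 <= hi + 0) { print $1; break }
      }
    }'
}

# NAMES and PORTS columns from the `docker ps -a` output in the thread.
thread_containers() {
  printf '%s\t%s\n' \
    c4rter-notify_push-1 80/tcp \
    c4rter-cron-1 80/tcp \
    c4rter-imaginary-1 9000/tcp \
    c4rter-app-1 80/tcp \
    c4rter-redis-1 6379/tcp \
    c4rter-db-1 5432/tcp
}

# Constructed comparison: the same list plus a hypothetical reverse-proxy
# container "proxy-1" that publishes 80 and 443 on the host.
with_proxy() {
  thread_containers
  printf '%s\t%s\n' proxy-1 \
    '0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp'
}

report() {  # usage: <lines> | report <port>
  found=$(publishers_of "$1")
  echo "host port $1: ${found:-not published by any container}"
}

thread_containers | report 443
with_proxy | report 443
```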